CVE-2023-34339Information Exposure via Error Message in Ktor

CWE-209Information Exposure via Error Message3 documents3 sources
Severity
3.3LOWNVD
EPSS
0.0%
top 99.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Jetbrains Ktor
Timeline
PublishedJun 1

Description

In JetBrains Ktor before 2.3.1 headers containing authentication data could be added to the exception's message

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages2 packages

CVEListV5jetbrains/ktor< 2.3.1
NVDjetbrains/ktor< 2.3.1

Patches

Patch: www.jetbrains.comPatch: www.jetbrains.com

🔴Vulnerability Details

2
CVEList
CVE-2023-34339: In JetBrains Ktor before 22023-06-01
GHSA
GHSA-w2c4-vpgj-g3jp: In JetBrains Ktor before 22023-06-01
CVE-2023-34339 — Information Exposure via Error Message | cvebase